<?php
    require ('../api/config.php');
    //检测是否登陆
    if(!$username)
    {
        $url="../login.php";
    	Header("HTTP/1.1 303 See Other");
    	Header("Location: $url");
    	exit;
    }
    
    if($state!='6')
    {
        echo '<script> alert("你没有权限访问，只有管理员赋予的权限才能访问！");window.location.href="../"</script>';
        exit;
    }
    
        //查询用户信息
    $uid = $_GET['user'];
    if(!$uid){echo '非法请求！';exit;}
    else{
        $sql = mysqli_query($conn,"SELECT * FROM users WHERE uid LIKE '$uid' ");
        $users = mysqli_fetch_array($sql);
        $user = $users["username"];
        $pass = $users["password"];
        $wpass = $users["password"];
        $stat = $users["stat"];
        $qq = $users["qqnum"];
        $jf = $users["ints"];
        $id = $users["uid"];
    }
    
    
    //处理提交的数据
    $uid = isset($_GET['user']);
    $go = isset($_POST['go']);
    if($go == '提交更改' and ($qq or $user or $pass or $root or $jf)){
        
        $qq = $_POST['qq'];
        $user = $_POST['user'];
        $pass = $_POST['pass'];
        $root = $_POST['root'];
        $jf = $_POST['jf'];
        $vipstoptime = $_POST['vipstoptime'];
        
        if (strlen($user)<'2' or strlen($pass)<'6' or strlen($qq)<'6' or strlen($qq)>'11') {
            echo '<script> alert("【账号、密码、QQ不符合标准！】\n\n账号长度：大于汉字1位或英文数字2位\n密码长度：至少6位\nQQ长度：6位到11位\n且QQ账号不合法不可使用"); </script>';
        }else{
            if($wpass != $pass){
                $pass = md5($pass);
            }
            $sql= "update users set username='$user',qqnum='$qq',password='$pass',stat='$root',ints='$jf',vipstoptime='$vipstoptime' WHERE uid = $uid;";
            $result=$conn->query($sql);
            if(!$result ){echo '<script> alert(" 修改失败\n"); </script>' ;}
            else{echo '<script> alert("修改成功！");</script>';}
        }
        
    }else{
        if($go == '提交数据'){
            echo '<script> alert("所有选项都是必填！");</script>';
        }
    }
    
    
    //快捷处理
    $uid = isset($_GET['user']);
    $root = isset($_GET['root']);
    if($uid and $root){
        if($root=='5'){
            $sql= "update users set stat='5' WHERE uid = $uid";
            $result=$conn->query($sql);
            if(!$result ){echo '<script> alert("修改失败\n"); </script>' ;}
            else{echo '<script> alert("创作者开通成功！");</script>';}
        }
        elseif ($root=='2') {
            $sql= "update users set stat='2' WHERE uid = $uid";
            $result=$conn->query($sql);
            if(!$result ){echo '<script> alert("修改失败\n"); </script>' ;}
            else{echo '<script> alert("普通账号恢复成功！");</script>';}
        }
        elseif($root=='1'){
            $sql= "update users set stat='1' WHERE uid = $uid";
            $result=$conn->query($sql);
            if(!$result ){echo '<script> alert("修改失败\n"); </script>' ;}
            else{echo '<script> alert("用户已被限制登录！");</script>';}
        }
        elseif($root=='del'){
            $del = $_GET['del'];
            if($del == 'yes'){
                $sql= "update users set stat='0' WHERE uid = $uid";
                $result=$conn->query($sql);
                if(!$result ){echo '<script> alert("永久封禁\n"); </script>' ;}
                else{echo '<script> alert("用户已被永久封禁！")';}
            }else{
                echo '<script> alert("永久封禁是不可逆操作，确认永久封禁？"); window.location.href="admin_user.php?user='.$uid.'&root=del&del=yes"</script>';
            }
        }
        $stat = $root;
    }
    
?>
<html>
	<head>
		<meta charset="utf-8">
		<title>管理用户</title>
		<link rel="stylesheet" type="text/css" href="../style/css/user.css"/>
	</head>
	<style type="text/css">
		input{
			border: none;
			background-color: #fff;
			text-align: center;
			font-size: 18px;
			line-height: 30px;
            border-radius: 10px;
		}
		th b{
			font-size: 20px;
		}
		th img{
		    width: 50px;
		    height: 50px;
		}
	</style>
	<body>
		<div id="admin">
			<div id="tit">
				<li>账号更改</li>
			</div>
			<div class="admin" id="zhxx">
				<div id="admin-a">
					<form action="admin_user.php?user=<?php echo $uid; ?>" method="post">
						<table width="100%" border="1" align="left" frame="void" rules="none" cellpadding="10px" bordercolor="#aaaaaa" >
						<tr>
							<th><b>头像</b></th>
							<th><b>ID</b></th>
							<th><b>用户名</b></th>
							<th><b>密码</b></th>
						</tr>	
						<tr>
							<th><img src="http://q4.qlogo.cn/g?b=qq&nk=<?php echo $qq; ?>&s=100"></th>
							<th><?php echo $id; ?></th>
							<th><input type="text" name=user value="<?php echo $user; ?>" /></th>
							<th><input type="password" name=pass value="<?php echo $pass; ?>" /></th>
						</tr>
						<tr>
							<th><b>QQ</b></th>
							<th><b>权限</b></th>
							<th><b>积分</b></th>
						</tr>
						<tr>
							<th><input type="text" name=qq value="<?php echo $qq; ?>" /></th>
							<th><input type="text" name=root value="<?php echo $stat; ?>" /></th>
							<th><input type="text" name=jf value="<?php echo $jf; ?>" /></th>
							<th><input type="submit" id="go" name="go" value="提交更改"/></th>
						</tr>
						</table>
					</form>
				</div>
			</div>
		</div>
		
		<div id="admin">
			<div id="tit">
				<li>账号快捷操作</li>
			</div>
			<div class="admin" id="zhxx">
				<div id="admin-a">
				    <a href="admin_user.php?user=<?php echo $uid; ?>&root=5"><button type="button" >开通创作者</button></a>
				    
					<a href="admin_user.php?user=<?php echo $uid; ?>&root=2"><button type="button" style="background-color: #20a53a;">恢复普通用户</button></a>
					
				    <a href="admin_user.php?user=<?php echo $uid; ?>&root=1"><button type="button" style="background-color: #ffa672;">限制登陆</button></a> 
					
					<a href="admin_user.php?user=<?php echo $uid; ?>&root=del"><button type="button" style="background-color: #F92672;">永久封禁</button></a>
					
				</div>
			</div>
			
			
		</div>
		<div id="admin">
			<div id="tit">
				<li>操作说明</li>
			</div>
			<div class="admin" id="zhxx">
				<div id="admin-a">
					
					<li><b>用户权限:</b>1:限制登录 、 0:封禁 、 5:创作者 、 6:管理员</li>
					
					<li><b>QQ号的作用:</b>提供头像的作用</li>
					
					<li><b>管理员:</b>管理员默认账号:admin 密码:admin@123</li>
					
					<li><b>管理员权限:</b>请不要随便赋予其他用户管理员权限,可能会导致严重后果!</li>
				</div>
				
			</div>
		</div>
	</body>
</html>
